﻿using System;
using System.Linq;
using System.Web.Mvc;
using Common;
using Common.Attribute;
using Model.DtoModel;
using MvcOa.Helper;

namespace MvcOa.Logic.Admin.Filter
{
    public class AdminAuthorizeAttribute:AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            //区域名
            if (!(filterContext.RouteData.DataTokens.ContainsKey("area")&&
                filterContext.RouteData.DataTokens["area"].ToString().ToLower()=="admin"))
            {
                return;
            }
            //skip
            if (filterContext.ActionDescriptor.IsDefined(typeof (SkipAuthorizeAttribute), false)||
                filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(SkipAuthorizeAttribute), false))
            {
                return;
            }
            //login
            if (!OperationContext.Current.IsLogin())
            {
                if (filterContext.ActionDescriptor.IsDefined(typeof(AjaxAttribute), false))
                {
                    MessageModel messageModel = new MessageModel()
                    {
                        IsSuccess = false,
                        Message = "No Login",
                        Other = "~/admin/admin/login"
                    };
                    filterContext.Result = new JsonResult()
                    {
                        Data = messageModel
                    };
                }
                else
                {
                    filterContext.Result=new RedirectResult("~/admin/admin/login");
                    return;
                }
            }
            //permission
            if (OperationContext.Current.ListPermissions!=null)
            {
                var listPermission = from permission in OperationContext.Current.ListPermissions
                                     where
                                         string.Equals(permission.pAreaName, filterContext.RouteData.DataTokens["area"].ToString(),
                                             StringComparison.OrdinalIgnoreCase) &&
                                         string.Equals(permission.pControllerName,
                                             filterContext.ActionDescriptor.ControllerDescriptor.ControllerName,
                                             StringComparison.OrdinalIgnoreCase) &&
                                         string.Equals(permission.pActionName, filterContext.ActionDescriptor.ActionName,
                                             StringComparison.OrdinalIgnoreCase) &&
                                         (permission.pFormMethod==0||permission.pFormMethod == (filterContext.HttpContext.Request.HttpMethod.ToLower() == "get" ? 1 : 2))
                                     select permission;
                if (listPermission.Any())
                {
                    return; 
                }
            }

            //no permission delete user cookie 
            CookieHelper.Remove("uid");
            if (!filterContext.ActionDescriptor.IsDefined(typeof(HttpPostAttribute), false))
            {
                filterContext.Result = new RedirectResult("~/Admin/Admin/NoPermission");
                //MessageModel messageModel = new MessageModel()
                //{
                //    IsSuccess = false,
                //    Message = "No Permission",
                //    Other = "~/admin/admin/login"
                //};
                //filterContext.Result = new JsonResult()
                //{
                //    Data = messageModel
                //};
            }
        }
    }
}